Show

sorted by

Why does a user's name get attached to the system.agent.ad.update_user action with LDAP integration?

We are using the Okta LDAP Agent and every time a user logs in, a "system.agent.ad.update_user" shows in the logs with my username attached as the actor. I'm assuming this is because I set up the agent.

Is there a way to change this? What happens if my user is no longer in the system - will the actions fail?

Thank you for reaching out to Okta Support, my name is Adrian and I'll be handling your case. That is correct, the reason why your username appears is because you are the one that configured the agent. If you want to have that changed you can create a service account with Super Admin rights in Okta and reinstall the agent, that will re-create the API token with the name of the service account.

All Answers

Adrian Mocanu(Okta, Inc.)

Thank you for reaching out to Okta Support, my name is Adrian and I'll be handling your case. That is correct, the reason why your username appears is because you are the one that configured the agent. If you want to have that changed you can create a service account with Super Admin rights in Okta and reinstall the agent, that will re-create the API token with the name of the service account.

This was selected as the best answer

Derek Miller

Thanks, Adrian!

Can you address the second part of my question? Will the agent fail if my user is removed from Okta?

The reason that creating a service account is difficult for us is because we enforce MFA for all users.